Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Help removing virus located in winsxs folder

16 Aug 2012   #1

Windows 7 Home Premium x64
Help removing virus located in winsxs folder

Avast has informed me that I have a virus located primarily in my Winsxs folder. I would like to remove it. Here are the results of the scan. I tried to click repair, but as you can see it is telling me that access is denied. I haven't really noticed any differences in my system lately and I'm not sure when I accumulated this virus/viruses. Hopefully I can remove it. Let me know if you need any more information. Any help would be greatly appreciated.

Attached Thumbnails
Help removing virus located in winsxs folder-avast-scan-results.png  
My System SpecsSystem Spec
16 Aug 2012   #2

Windows 7 Home Premium x64

Okay, I re-scanned and now it says no virus found, but I still feel that I should check this out a bit.
My System SpecsSystem Spec
16 Aug 2012   #3
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Way too tiny to see, but I could see "Rootkit"
My best advice would be to wipe and do a 'clean install'.

You can never be sure that your OS will be stable again without a thorough cleaning.

Please read about Rootkits and what they do: Rootkit - Wikipedia, the free encyclopedia
My System SpecsSystem Spec

16 Aug 2012   #4
Layback Bear

Windows 7 Pro. 64/SP-1

Jacee they are all rootkets. 3 exe. 2 system and the rest dll. What a mess.
Jacee got the right idea. Take a look at this.
Windows 7 Installation - Prepare PC to be Sold
This will wipe and a clean install.
My System SpecsSystem Spec
16 Aug 2012   #5

Windows 7 Home Premium x64

Hmm, well it seems like it's a pretty serious threat to me. I haven't noticed it, but I guess I'm not supposed to. Before I go any further I have some questions. I re-scanned with Avast and it said that there was no threat found. Do you think it's actually gone? If I do decide to re-install the operating system (which I would like to avoid if possible) what will I be able to recover. I have a lot of customized settings and what not. What do you think these rootkits might be doing to my system? Can they infect files I put on flash drives or other removable media? I understand there is an alternative to putting n a clean operating system, how might I do that? I know it's a lot of questions, sorry and thanks for your help guys.
My System SpecsSystem Spec
17 Aug 2012   #6

MS Windows 7 Ultimate SP1 64-bit

Please see post #3 and #4 and read the referenced material.

Your answers are there.
My System SpecsSystem Spec
17 Aug 2012   #7

Windows 7 Home Premium x64

Thanks, I have read both pages and they do not answer all my questions, that is why I posted my questions.
My System SpecsSystem Spec
17 Aug 2012   #8
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

You could try TDSSKiller, which might fix some of the problems.

However, rootkits are deep infections which can either write a hidden boot sector or compromise OS files. And, rootkits tend to introduce other viruses to the system. Some rootkits are able to circumvent AV scans. The Sirefef virus does this by presenting a ligitimate file to the AV scanner. When an AV scan is run, the legitimate file is presented to the scanner and it comes back as clean. In reality, once the legitimate file is run, the OS switches to the rouge driver and the rootkit is active and running. The Microsoft site recommends a clean reinstall for most variants of rootkits.

Being that your initial scan showed multiple infected files, the best/safest choice is a clean install.

Also, note that your AV scanner was denied access to these files, hence, no action was taken to remove them. Also, don't you find it strange that despite the detection of multiple infected files to which no access was allowed by the AV, they disappeared during the second scan? This is typical of the latest virus strains adaptive behavior.

Yes, viruses will jump to USB & removable media drives.

You could have been infected in multiple ways, a compromised website, a false update, keygens, etc.

Have a look at this tutorial on making a system image & once the machine is cleaned (Do NOT make one now), make & keep a couple of these around. Next time something like this happens, it can save you a lot of time.

Backup Complete Computer - Create an Image Backup
My System SpecsSystem Spec
17 Aug 2012   #9

Windows 7 Home Premium x64

Okay thanks, I did find it strange. I figured that it was probably still there. Anyway, is it safe to save/backup any of my files? I have some files that I would like to keep. Also, this is my laptop and I have moved countless files between this computer and my desktop. Do you think that the other computer might be infected as well?
My System SpecsSystem Spec
17 Aug 2012   #10

windows7 ultimate x64bit

even if you remove the virus, always leave behind damages in files and many other things, the best option is FORMAT!
My System SpecsSystem Spec

 Help removing virus located in winsxs folder

Thread Tools

Similar help and support threads
Thread Forum
17GB in winsxs folder help to reduce please
With 17GB in my winsxs folder I have tried the administrator command prompt by entering :dism /online /cleanup-image /spsuperseded but got a few error messages one was like 87 and another one then I entered suggested command...
General Discussion
Can't Delete Old Updates (winsxs Folder)
Hello, I used to be able to access an option in the Disk Cleanup tool (cleanmgr.exe) to delete old Updates files. Now, the tool merely scans for updates but does not display the appropriate checkbox. My winsxs folder is growing out of control. Installing a couple of recent updates (like 1GB of...
Windows Updates & Activation
Winsxs folder in Windows 7 Ultimate
Hi All, I have Windows 7 Ultimate 64, and found out that the folder "winsxs" contains besides "backup" folder also more than 21,400 folders with about 9GB of files. Are those files really needed? Thanks
Performance & Maintenance
10+GB winsxs folder cleanup?
So 10 gb seems kind of alot - and i havent actually kept my pc up to date (dont wanna think what it will end up if i install all the updates). It is SP1 the dism command line approach (dism /online /cleanup-image /spsuperseded /hidesp) didnt even make a dent - it run, reports nothing found and...
Performance & Maintenance
Moving the winsxs folder
I have a system that I set up with two drives; a main SSD and a standard HDD. I used Sysprep to move Users and ProgramData to the larger, slower HDD to preserve the SSD. I realized that most of the writing to the SSD now occurs in the Windows folder, specifically the winSXS folder. Is there...
General Discussion
winsxs folder
can it be deleted without damage to the system , i ask this as it has took up 11gb of space in my hard drive , thanks
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:15.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App